How Secure Is SIP?

SIP uses the same plain-text language as HTTP making it have similar security to web traffic that is not encrypted. Thus, the risks attached to internet use also apply to SIP, including authenticity, privacy, glitches, and crashing with increased traffic. Phones should always be protected behind a firewall or router to make sure that they cannot be accessed from the internet.

SIP uses digest authentication to prevent someone from monitoring the traffic from the phone and authenticating themselves as your device. Digest authentication is a method by which a device can securely send encrypted passwords over HTTP.

Another issue is the concept of survivability of these networks. Traditional communication tends to be seen as more reliable. However, IP systems have the option of duplexed systems and redundancy. This means that if an issue occurs, communications can be re-routed and addressed without any pause. Thus, the communicators may not even be aware that a glitch has occurred, which is particularly beneficial in customer relations. In addition, there are very rare instances when IP communications within an enterprise would not be able to handle a malfunction, even a very serious one.